Resume

Sign in

Director of Cyber and Information Security

Location:
Lake Jackson, Texas, United States
Salary:
$155,000
Posted:
March 26, 2019

Contact this candidate

Resume:

Michael Krogstad

CONTACT

Phone:

979-***-****

Address:

*** ********* **

Lake Jackson, TX 77566

Email:

ac8wu8@r.postjobfree.com

Global IT Professional with accomplished success developing and managing global teams to produce solutions that exceed the needs of the business community, supports the necessary requirements for compliance, and provides a secured environment to protect the critical intellectual and business assets.

20+ years of IT experience including a current Fortune 1000 global company and integrating IT with business processes.

20+ years of experience with IT Merger and Acquisition Global managing 12 project system and network integration in networking and application systems deployment with multi-site and multi-national teams.

4+ years of experience in strategic and tactical implementations and management of a security/cybersecurity framework and solutions.

15+ years of establishing and managing strong cohesive global technical teams with mentoring of divisional IT managers.

15+ years of establishing and managing IT vendor relationships and risk management.

Established and managed a security framework designed to proactively support the business needs to secure and protect the data of the customer with integrations of security solutions in key areas.

Experience

Benchmark Electronics, Inc.

October 1992 to November 2018

Corporate IT Security Manager - Global Security and Governance

July 2014 to November 2018

Responsible for managing the development and implementation of the global security and governance strategy, including support for Sarbanes-Oxley, CUI/ITAR/DoD and FDA requirements. This includes the development of policy standards, guidelines, and procedures to ensure ongoing management of security and aligns IT risk management processes and strategy with corporate processes. Information protection responsibilities include cyber security, network security architecture, network access and monitoring policies, and employee education and awareness.

Monitored compliance with federal laws related to government contracting, information security and general compliance (SOX, CUI, ITAR, EAR, HIPPA, NIST).

Responsible for documentation and compliance of all IT SOX controls, assisting Internal Audit with testing and reporting results to the Audit Committee.

Developed and managed incident response planning, investigation of security breaches, assisting with disciplinary and legal matters associated with such breaches.

Oversaw and participated in security incidents and responses to protect corporate IT assets with reporting to upper management.

Managed resource allocation to increase the maturity of the security program

Develop business-relevant metrics to measure the efficiency and effectiveness of the program.

Ensure authorized access by investigating improper access, revoking access, and reporting violations.

Evaluates and recommends new information security technologies and counter-measures against threats.

Specific Security Projects

NIST 800-171 Implementation - metrics, documentation, tracking, customer reporting and project oversight.

Gemalto MFA deployment for CUI data with Palo Alto firewalls for segregation.

Implemented global full disk encryption (Trend Micro) of laptops on more than 1200 devices. Vormetric encryption on the storage side.

Oversight and implementation of the global Vulnerability Management (Tenable) program for 28 sites and 18,000+ endpoints

Oversight and implementation of LogRhythm SIEM for threat analysis and detection across the enterprise.

Oversight and implementation of Incident Response planning and execution for the enterprise

Oversight and Implementation of network auditing (Nmap, SolarWinds) process for 18,000+ endpoints.

Oversight and Implemented global Security Awareness program (KnowBe4) for 6500 employees

Oversight and active involvement in a Security Strategy Assessment that fed back into the global security program.

Corporate IT Manager - Operations

March 1999 to June 2014

Managed a team of 5 - 8 people. Responsibility was for capital and expense items associated with operations, project planning and oversight of system upgrades and migrations, and global support of the back-end infrastructure and network.

Direct report to the CIO with dotted line accountability and cost justifications to the CFO, President, and CEO.

Managed an $11M annual CapEx budget for special projects, telecom investment, and back end infrastructure improvements and maintenance.

Global support of the back-end infrastructure resulting in robust systems with over 99.9% up-time.

Develop Global IT Corporate Regulatory Standards (Sarbanes-Oxley, ITAR, FDA) to align and maintain global IT processes.

Integrate systems and directed teams for all M&A activity for IT.

Managed and maintained disaster recovery resources and plans of the corporate data center and of the disaster recovery support systems.

Managed team with the following technology: Windows server, Microsoft SQL, Microsoft Exchange, Microsoft SharePoint, Cisco Network Devices, Oracle, SolarWinds, Proofpoint Mail protection, NetApp and EMC Storage, SafeNet Storage Encryption.

Specific Operations Projects

Management and Deployment of corporate PLM (Oracle Agile) Application to 28 sites

Managed Two upgrades of back end UNIX ERP (Infor Baan) System Hardware and Storage

Upgrade WAN from Frame Relay to MPLS with DMVPN (Cisco) in the event of connectivity loss.

12 integration projects for acquisitions of other companies.

Managed the uplifting of the data center to add better power distribution, cooling, and management to meet increased cooling and power demands.

Principal Engineer

October 1992 to February 1999

Began as a design engineer doing design work for the manufacturing environment in the are of test design and programming working with customer requirements. With the growth of Engineering, the role moved into a support role of the network systems.

Design and implementation of Windows/Exchange environment.

Administration of SunOS/Solaris network and servers

Internet/Intranet maintenance of web, ftp, and mail sites.

Implementation and Administration of network services including DHCP, DNS, WINS, Authentication, Remote Access, Network Backups.

Project management and implementations of Network OS change and Exchange email.

Programming in C, Visual Basic, VB Script, JavaScript, and Perl.

Up-N-Running Consulting Inc.

July 1996 to February 2000

Senior Network Engineer

Performed consulting service to meet the challenges of the customer in the areas of network design, installation and maintenance along with project planning and implementation.

Phoenix International Corp

January 1991 to July 1992

Software Design Engineer

Performed product system design from initial conception to production including software design of the manufacturing test software. Designs were centered around micro-controller control systems. Also supported UNIX workstations and LAN.

Certifications & Training

PMP

2016

Project Mangement Academy

Live Training Course

CISSP

2015

ISC2

Online Live Training Course

ITIL

2014

ServiceNow

Completed with ITIL Foundations Certificate

Education

North Dakota State University - Fargo, ND

B.S. in Electronic and Electrical Engineering

Northwestern College - Roseville, MN

General Studies

Named changed to University of Northwestern

Organizations

Infragard - Houston Chapter

ISACA - Greater Houston Chapter

ISSA - Gulf Coast Chapter

Skills

Architecture, Asset Inventory Management, Budgeting, Budgets, Cisco, clustering, Computer Hardware, Contract Negotiation, Cross-functional Team Leadership/Development, Data Center, Database Management, DHCP, Disaster Recovery, DNS, Due Diligence, Enterprise Architecture, ERP, Exchange, Firewall, Governance, Hardware Management, Help Desk, Information Security, Information Technology, Integration, IT Governance, IT Management, IT Operations, IT Strategy, ITAR/DoD, ITIL, Leading, Leadership, Legal, Management, Manufacturing, Mergers and Acquisitions, Microsoft Office, Network Administration, Network Architecture, Network Design,Network Security, Networking, Operating Systems, Oracle, Organization, Penetration Testing, PLM,Policy, Problem Solving, Process Improvement, Procurement, Program Management, Programming, Project management, Project Planning, Policy Administration, Policy Development, Policy Management, Purchasing, Reporting, Risk Management, SAN, Sarbanes-Oxley Act, Scheduling, Security, Servers, SIEM, Software Design, SQL, Staff Supervision, Staff Development, Staffing, Strategic Planning, Strategy, System Administration, System Design, Team Leadership, Telecommunications, Testing, Training and Development, Troubleshooting,Unix/Linux, Virtualization, Vulnerability Mangement, WAN, Windows



Contact this candidate